A nationwide health information technology (health IT) infrastructure can offer tremendous benefits to the American public, including the prevention of medical errors, improved efficiency and health care quality, reduced costs, and increased consumer engagement. However, if health IT is not designed, developed, implemented, maintained, or used properly, it can pose risks to patients.

Section 618 of the Food and Drug Administration Safety and Innovation Act (FDASIA), Public Law 112-144, requires that the Food and Drug Administration (FDA), in consultation with the Office of the National Coordinator for Health Information Technology (ONC) and the Federal Communications Commission (FCC) (collectively referred to for purposes of this report as “the Agencies”1), develop and post on their respective web sites “a report that contains a proposed strategy and recommendations on an appropriate, risk-based regulatory framework pertaining to health information technology, including mobile medical applications, that promotes innovation, protects patient safety, and avoids regulatory duplication.” This report fulfills the Section 618 requirement.